Implementing Cyber Security In              &      From The Cloud      LS Subramanian          niseindia.com
Today’s AgendaCloud Security Alliance (CSA)CSA’s“ Security Guidance for Critical Areas  of Focus in Cloud Computing V 3.0”...
About the Cloud Security Alliance• Global, not-for-profit organization• Over 23,000 individual members, 100 corporate    m...
CSA - Initiativeshttps://cloudsecurityalliance.org/research/        Copyright © 2011 Cloud Security Alliance
HOW DO WE BUILD THE        “TRUSTED CLOUD?”…•   Strategy•   Education•   Security Framework•   Assessment•   Build for the...
Security Guidance           forCritical Areas of Focus            inCloud Computing V3.0    Prepared by theCloud Security ...
What is Cloud Computing?
CSA Security GuidanceCloud Computing Architecture
CSA Security Guidance What is Security for Cloud Computing?Understanding the impact of these differences betweenservice mo...
CSA Guidance Domains                      Architecture1. Cloud Computing Architectural Framework               Governing i...
CSA Guidance Domains               Operating in the Cloud7. Traditional Security, Business Continuity & DR8. Data Center O...
CSA - Trend Micro Partnership Founding Sponsor of CSA’s HQ in APAC Chair of the CSA Executive Council Sponsor one globa...
Cyber Security Solutions in the  Cloud and from the cloud
Who Has Control? Servers     Virtualization &                      Public Cloud                                Public Clou...
SecureCloud: Enterprise ControlledData Protection for the Cloud   Patent pending Trend Micro technology enables   enterpri...
A New Security Architecture For A New Era All environments should be considered un-trusted                Users           ...
CNAM – Real Time Attack DetectionARCHITECTURE
CNAM – Real Time Attack DetectionTOPOLOGY
CNAM – Real Time Attack DetectionMODEL
Acknowledgement  All ownership and credits for pictures, logos copyright            and trademarks rests with the owners. ...
The Future of Computing is the            Cloud   lssubramanian@niseindia.com
Upcoming SlideShare
Loading in …5
×

Lss implementing cyber security in the cloud, and from the cloud-feb14

440 views

Published on

This presentation outlines how security can be implemented in the cloud.

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
440
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Lss implementing cyber security in the cloud, and from the cloud-feb14

  1. 1. Implementing Cyber Security In & From The Cloud LS Subramanian niseindia.com
  2. 2. Today’s AgendaCloud Security Alliance (CSA)CSA’s“ Security Guidance for Critical Areas of Focus in Cloud Computing V 3.0”Cyber Security Solutions in the Cloudand from the cloud.
  3. 3. About the Cloud Security Alliance• Global, not-for-profit organization• Over 23,000 individual members, 100 corporate members, 50 chapters• Building best practices and a trusted cloud ecosystem• Agile philosophy, rapid development of applied research – GRC: Balance compliance with risk management – Reference models: build using existing standards – Identity: a key foundation of a functioning cloud economy – Champion interoperability – Enable innovation – Advocacy of prudent public policy “To promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing.”
  4. 4. CSA - Initiativeshttps://cloudsecurityalliance.org/research/ Copyright © 2011 Cloud Security Alliance
  5. 5. HOW DO WE BUILD THE “TRUSTED CLOUD?”…• Strategy• Education• Security Framework• Assessment• Build for the Future Copyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.org
  6. 6. Security Guidance forCritical Areas of Focus inCloud Computing V3.0 Prepared by theCloud Security Alliance
  7. 7. What is Cloud Computing?
  8. 8. CSA Security GuidanceCloud Computing Architecture
  9. 9. CSA Security Guidance What is Security for Cloud Computing?Understanding the impact of these differences betweenservice models and how they are deployed is critical to managing the risk posture of an organization.
  10. 10. CSA Guidance Domains Architecture1. Cloud Computing Architectural Framework Governing in the Cloud2. Governance & Enterprise Risk Management3. Legal Issues : Contracts & Electronic Discovery4. Compliance & Audit Management5. Information Management & Data Security6. Interoperability & Portability
  11. 11. CSA Guidance Domains Operating in the Cloud7. Traditional Security, Business Continuity & DR8. Data Center Operations9. Incident Response10. Application Security11. Encryption & Key Mgmt12. Identity & Access Mgmt13. Virtualization14. Security as a Service
  12. 12. CSA - Trend Micro Partnership Founding Sponsor of CSA’s HQ in APAC Chair of the CSA Executive Council Sponsor one global CSA research project Sponsor of all CSA events in APAC Update from all CSA Chapters in APAC CCSK certification for Trend Micro cloud security experts Engaging regional key stake holders including government, legal experts, service providers, technology providers and consumers. Customizing/developing relevant best practices and standards for the APAC market. Centre of excellence for research and training. Establishment of global standards secretariat within APAC
  13. 13. Cyber Security Solutions in the Cloud and from the cloud
  14. 14. Who Has Control? Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud’’’’’ IaaS PaaS SaaS End-User (Enterprise) Service Provider Trend Micro Confidential 2/26/2013 Copyright 2009 Trend Micro Inc.
  15. 15. SecureCloud: Enterprise ControlledData Protection for the Cloud Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud Trend Micro Confidential2/26/2013 Copyright 2009 Trend Micro Inc. 15
  16. 16. A New Security Architecture For A New Era All environments should be considered un-trusted Users access app Deep SecurityDatacenter SecureCloud: • Facilitates movement between Public Cloud datacenter & cloud • Delivers control, security and compliance through encryption • Host defends Avoids service provider lock-in • itself from attack Enables secure storage recycling SecureCloud Data encrypted within the server Encryption keys controlled by you Encrypted Data Data Data Copyright 2009 Trend Micro Inc.
  17. 17. CNAM – Real Time Attack DetectionARCHITECTURE
  18. 18. CNAM – Real Time Attack DetectionTOPOLOGY
  19. 19. CNAM – Real Time Attack DetectionMODEL
  20. 20. Acknowledgement All ownership and credits for pictures, logos copyright and trademarks rests with the owners. We Acknowledge & thank owners for the use of theirmaterial in this presentation to educate on cloud computing. Material for this presentation has been sourced from CSA, NIST & Trend Micro & Net Monastery & others. We thank the organizations for allowing us to use this material.
  21. 21. The Future of Computing is the Cloud lssubramanian@niseindia.com

×